# Working Context
*Updated: 2026-02-24 21:00 ET (nightly maintenance)*

## Last Active Session
Full day session (Feb 24). Johan was on his regular sleep schedule. Primary focus was Spacebot/Andrew debugging and DealRoom feature gaps.

## What Was Accomplished Today

### Spacebot / Andrew (192.168.1.17) — Big Day
- **Model switched:** Gemini → MiniMax M2.5 (Fireworks) → **Claude Sonnet 4.6 via Anthropic OAuth** (final choice)
- Updated to v0.1.15 — pulled latest Docker image, recreated container
- Anthropic OAuth credentials stored at `/data/anthropic_oauth.json` inside container
- Fireworks API: `fw_RVcDe4c6mN4utKLsgA7hTm` valid; `fw_TGADpSki7zak4K9JxPzbXU` EXPIRED — avoid
- IDENTITY.md ingested (corrected HA IP, Andrew vs James name)
- **Known broken:** Worker dispatch — channel calls `reply()` and exits. Multi-step agentic tasks silently fail.
- **Cortex profile regeneration:** Old 200 memories override new IDENTITY.md. Will self-correct over time.
- **PR #193 submitted** to https://github.com/spacedriveapp/spacebot:
  - Settings dialog pre-populates model from active routing config
  - `get_providers()` counts Anthropic OAuth as "configured"
  - Reviewer: `jamiepine` (maintainer) — said "very helpful change"
  - **Rebased** on latest main, used `find(a => a.id === 'main')`, added `useEffect` for config load sync
- **Johan's verdict:** "The foundation is a LOT better than OpenClaw." Revisiting Andrew 2026-03-03.

### GitHub PAT
`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` — 30-day, repo scope, johanjongsma account. Expires ~2026-03-26.

### OpenClaw updated to 2026.2.23
- Updated from 2026.2.22-2 during night shift
- Key: Kilo Gateway provider, compaction overflow recovery, exec hardening, ACP/OTEL secret redaction
- **ClawHub malware incident:** #1 most downloaded skill was SSH key stealer + reverse shell. ~20% of marketplace skills malware. We're safe — only built-in + manual skills.
- **SkillSMP.com** — 3rd party marketplace trying to fill ClawHub gap. Treat as hostile.
- **Scope preservation patch:** No longer needed (dangerouslyDisableDeviceAuth not in config).
- **Deleted transcript indexing patch:** Reapplied to `query-expansion-*.js`.

### DealRoom — Misha's Feature Gaps (3 open)
Claude Code ran overnight and implemented most of the spec. After review, 3 gaps identified:
1. **Per-group folder visibility checkboxes** (spec 2.e.i.2) — MISSING
2. **Saved folder structure templates** (spec 2.f.i.2.i) — MISSING  
3. **Auto-assign review step** (spec 3.b.2) — fires automatically, no user review UI
- **TODO:** Spawn agent to fix all 3 when Johan is ready.

### inou Labs — LOINC Bug (OPEN)
- Symptom: "pretty charts not showing in Labs, LOINC matching not working"
- Root cause: `buildLabRefData()` reads `data["loinc"]` but production DB has 0 entries with loinc in JSON
- `Normalize()` says "all entries normalized" because `SearchKey2` is set — but `data["loinc"]` was never populated
- Gemini API key IS valid (200 response)
- reference.db has 448 lab_test + 1551 lab_reference entries — reference data exists
- Entry data is encrypted — can't inspect raw from SQLite
- **Fix direction:** Either force re-normalize on prod, OR fix `buildLabRefData()` to fall back to `e.SearchKey` (which IS the LOINC code)
- **TODO:** Fix when Johan wakes up.

### Google Antigravity Key — Dead
- Token expired Feb 19, refresh fails — Google revoked the Antigravity OAuth app
- **inou is fine** — uses direct Gemini API key, works
- Johan doesn't mind — not a priority

## Pending / Watch
- **DealRoom gaps** — 3 spec items missing. Spawn agent when Johan ready.
- **inou Labs LOINC bug** — fix in `buildLabRefData()` or force re-normalize
- **Misha (Andrew PR #193)** — awaiting `jamiepine` review/merge
- **Roos** — Emailed + Signal'd reconnect instructions. Verify she reconnected.
- **Spacebot worker dispatch** — broken. DO NOT upgrade Andrew container until worker dispatch fixed (watching PRs). Revisit 2026-03-03.
- **MyChart/DICOM** — Johan wants to extract Sophia's DICOMs. Credentials not yet provided.
- **Config repo SSH push** — Zurich config-backup → git@zurich.inou.com:zurich-config.git (blocked on SSH keys)
- **Proton Bridge on 192.168.1.17** — should be decommissioned (old James machine)
- **Kernel reboot** — forge running 6.8.0-100-generic, 6.8.0-101 is the expected. Needs reboot at convenient time.

## Key Contacts
- **Misha** = Michael Jongsma (Johan's son) — misha@muskepo.com, Signal +17272381189
- **Tanya** = Tatyana (Johan's wife) — tanya@jongsma.me — **DO NOT CONTACT without explicit permission**
- **Roos** = Friend/contact — Signal +31646563377

## Active Services
- DealRoom (Misha): `systemctl --user status dealroom` (port 9300) ✅
- Message Center: `systemctl --user status mail-bridge` (port 8025) ✅
- Spacebot (Andrew): docker on 192.168.1.17:19898 ✅
- fail2ban: active on home Caddy Pi + Zurich ✅
- Stalwart: serving LE cert (mail.jongsma.me, valid Feb 23–May 24 2026) ✅
- OCR Service: http://192.168.3.138:8090 ✅

## Infrastructure Status
- **forge (192.168.1.16):** Production James server, OpenClaw 2026.2.23, kernel 6.8.0-100 (101 pending reboot)
- **Zurich (82.22.36.202):** 5 fail2ban jails, Stalwart mail, ntfy, Kuma, LE cert active
- **Caddy Pi (192.168.0.2):** 4 fail2ban jails, reverse proxy for immich/hass/docsys
- **Spacebot server (192.168.1.17):** Andrew/Spacebot test, old James machine

## Corrections Logged Today
1. When Johan shares a tweet about a product → describe the product, not the post. Skip "this is marketing" framing.